Causes SSL_CTX_new to return NULL
David von Oheimb
dev at ddvo.net
Tue Aug 31 06:02:16 UTC 2021
Hello Hiroshi,
unfortunately the memory allocation failure reporting of OpenSSL is
still unsystematic;
see also https://github.com/openssl/openssl/issues/6251.
SSL_CTX_new() is pretty complex and can fail for many reasons.
In the case you quote below, its call of
EVP_get_digestbyname("ssl3-md5") fails for some reason.
Since you get this behavior not all the time, its is clear that this
cannot be due to a statically determined
reason (such as the MD5 implementation not being available), so this
must be due to lack of memory.
It might be also due to some (other) issue with multi-threading, but
very likely not.
David
On 31.08.21 03:19, 青木寛 / AOKI,HIROSHI wrote:
> I would like some advice as to why I am getting NULLs returned as a result of calling SSL_CTX_new.
>
> The library I'm using is OpenSSL 1.1.1k.
> The argument to SSL_CTX_new is TLS_server_method().
> The message retrieved by ERR_get_error and ERR_error_string was the following.
> "error:140A90F2:SSL routines:SSL_CTX_new:unable to load ssl3 md5 routines".
> The phenomenon does not always occur, but sometimes it does.
>
> In the environment where the problem occurred, many services were running and memory was scarce, so I suspect that lack of memory was the cause.
> Are there any other possible causes?
> --------
> Hiroshi Aoki
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210831/c65c8337/attachment.html>
More information about the openssl-users
mailing list